N. Korea Took in $2B in Cyberattacks to Fund Weapons Program: U.N. Report (reuters.com)
121 points by atlasunshrugged on Aug 6, 2019 | 64 comments



From whatever I have read so far, the North Korean government is pretty much a criminal organization like the Mafia. They forge money, sell drugs, abduct people, sell weapons. Pretty much anything is fair game as long as it makes money without any regard for health or life of their own people or foreigners. In addition they have a propensity for killing each other. I think it would make a great mob movie.


Totally, no other government, especially those cyber superpower countries, would ever do such immoral things.


Yeah. I can't imagine Russia ever doing something like hacking an adversary or abducting someone.


Russia is terrible, but No. Korea is worse for its size. That's because Russia has large legitimate sources of income, like fossil fuels, agriculture, and manufacturing. No. Korea has much less that other countries want to buy, so it makes most of its currency from criminal activity of one type or another.


Sure they all do that but I would argue that North Korea is on a different level.


How are they training the hackers? Are they being educated abroad, or are they hiring foreign hackers? For a country living in the dark ages, how are they managing to pull this off?


The regime has at least six thousand full-time hackers. Some of those they send overseas to operate. The average North Korean doesn't get exposed to that much tech, but it's another story for specialists, and most of the things they need to learn can be found online. Of course learning materials will be curated and filtered by the most politically trustworthy who themselves will be under constant and multidimensional surveillance.

There are abundant sources online.

https://www.nytimes.com/2017/10/15/world/asia/north-korea-ha...


> are they hiring foreign hackers?

Probably, but they wouldn't need more than one or two.

E: Actually, I should just refer to this awfully specific grugq take https://twitter.com/thegrugq/status/997114164131737600


Agree with this in order of magnitude at least. Even if it's 10 and not 1 or 2, the costs are relatively low. They have drug and other money. Hire for aptitude, train the trainer. Everyone else is shackled by plausible deniability. DPRK gives zero f*cks. Best candidates, best training, whatever equipment, training, and info you want, and go...no bars held.

It's all about removing constraints.


> no bars held

Off topic, but it's "no holds barred". From wrestling: no holds (moves) barred (banned), i.e. anything goes.


It's a sort of silly inverse meme thing. So a little "whoosh", but thanks for noticing.


I love it, will steal..


There are more than a few efnet characters on the run with the right skillset, I'd be really surprised if a few of them didn't get picked up by NK or similar states.


You get me :) Check my post history (not short) for skeptics. I feel something here. I'm not cocky, just old with a relatively varied history.


I can think of at least a couple of people that "retired" with far too little stolen money in exactly the kind of places where you'd get recruited from by NK & Co.

Nobody ever discusses this publicly, but I feel like everyone that's been around for a bit knows. Many of those names you find in old phrack zines. Frankly, every day I'm surprised none of those old names come up in new indictments.

Who's getting pardoned if Beto manages to get elected? lol.


Would the Chinese government send its "LulzSec" types to cyber work farms in NK? Or is something else more plausible?


NK has a habit of abducting people with skills they want.


Pay brokers for zero day exploits.

Have a small team of highly paid well off young people with little incentive to take a "moral" stance.

Profit.

Also consider that perhaps they aren't living in the "dark ages" while right on the doorstep of one of the most technologically advanced nations on Earth? These events are happening 200km away from Seoul.


That's exactly what I was thinking, is the Chinese government helping?


The beautiful part here is that the DPRK has (effectively) no cyber infrastructure of its own to retaliate against. It's perfect asymmetric warfare.


Considering the lack of blowback this has generated it seems to be a successful operation on NK's part. Who knows, maybe there will be some future consequences, but everyone globally is so focused on their nukes this seems to get lost on the side. Plus the intel agencies care more about offensive operations and hiding their capabilities, so they don't seem to be making much noise about all this to the public either (not that law enforcement is their job).


If I could prevent NK from getting Nukes, or I could prevent NK from stealing billions from banks... seems pretty reasonable that nukes are still the focus


But aren’t the billions a prerequisite for nukes? At the end of the day they’re still going to need money to make things happen with regards to the nukes. Unless they’re able to go from raw material to facilities and missiles purely from slave labor?


North Korea has substantial hydroelectric power, which could support a highly profitable crypto mining operation. I wonder how much hydropower they need before the opportunity cost of hacking exceeds that of mining crypto. I don’t think anybody wants them to spend money on weapons, but in the eventuality that they never go to war, it would probably be desirable to prevent theft.


I don't see how the opportunity cost of hacking could ever exceed that of mining crypto.


Crypto mining would provide a more stable cashflow and has a more limited downside versus theft. I see your point, given how successful the thieves have been. But I just wonder about the value of hydro power.


Hydro power is nice and all, but monetizing that requires strictly different resources than monetizing hackers. Perhaps hydro power can be valuable, but that will not make hacking any less valuable.


> North Korea has generated an estimated $2 billion for its weapons of mass destruction programs using “widespread and increasingly sophisticated” cyberattacks to steal from banks and cryptocurrency exchanges

I'm more interested in how this proves cryptocurrency markets are liquid enough. Enterprises of all sizes can get in and out of a portfolio of the largest cryptocurrencies.


I will guess even more. And add some drug money, let's say about ~$1.3B

Two years ago:

The World Once Laughed at North Korean Cyberpower. No More.

https://www.nytimes.com/2017/10/15/world/asia/north-korea-ha...


There's probably large-scale counterfeiting, too! https://en.wikipedia.org/wiki/Superdollar#North_Korea


Does anyone have a good explanation or thoughts on why a confidential UN report was leaked to the media?


Even if you keep the circle small you have a bunch of people who will have access to the report. Include some people who can gain access if they want to, e.g. IT staff.

It takes one of them who strongly believes that this information should be public knowledge.


How is it possible to attribute cyberattacks to a state sponsored hacking programme?


Often, our intel has hacked their intel and watched them do it.

For example: the US is certain that North Korea was behind the Sony hack because South Korean intelligence hacked North Korean intelligence, and the NSA hacked South Korean intelligence. So the NSA found that it could access Sony servers by going through SK intel to NK intel to Sony.

Another example: one of Cozy and Fancy Bear (don't remember which) is known definitely to be Russian because Dutch intelligence hacked the CCTV cameras outside their Moscow office and was able to correlate times when they conducted spearphishing operations with times when known Russian government hackers were in the office and specific, spearphishing-related Google searches were being issued from computers in the office.


Russian hackers using Google instead of Yandex or other? Or is Google here a metaphor for 'searching the internet'?


I think it was actually Google, but I read the article a while back and it might've been Yandex.


Sloppy opsec is the standard.


1) A classified attribution involving intelligence collection. It could be anything from corrupted foreign officials to hacking

2) A law enforcement investigation would ideally be built upon a collection of circumstantial evidence combined with mistakes by the hacker. In the case of Russia, one of their hackers forgot to log into the VPN before logging into the Guccifer social media account.


Many ways. It’s hard to move $2B while being the target of several rival states' intelligence gathering and not leave a trail that leads back to you.


Very. Honestly, they're often not that stealthy (especially N. Korea and Iran) because they have the mantle of an evil regime behind which they can hide. China and Russia barely more so. Companies with whom I work have been ransomed by these actors, and the FBI has almost always said they know who did it and can do nothing. Policy set higher than them.


Most likely IP address.


Maybe we'll never hear about it but it seems strange we don't have counter cyber ops against their weapons programs, e.g. Israel Stuxnet and Iran's nuclear program.


There's probably some guys in office buildings in Georgia and Maryland who are chuckling in their heads as they read your comment.


To think they don't is naive. The US has counter cyber ops against even their closest allies.


Get your enemies to pay for your weapons. Neat trick, if you can pull it off. I'd be more impressed if they used the money to feed their people, though.


The moment the NK people are well fed and able to focus on things other than survival is the moment that the regime will be overthrown.


The same goes for firearms. The moment they can defend themselves is the moment they take the food and resources for themselves. Having your population near starvation and defenseless is the main method used to maintain power as an oppressive fascist regime.


Not only fascist.

Authoritarian regime is more accurate.


I don't think so. Lots of people assume the North Koreans have the same sort of aspirations as westerners do. While they are of course massively indoctrinated and propagandized, don't underestimate the possibility of a fortress nation building a social identity around standing up to all the bigger countries that threaten it. Many such societies have existed in history.


You would be saying the same thing about China 30 years ago.

It's completely wrong in my opinion. Massive failure of cultural projecting by westerners to actually believe this.

Many people just want to be well fed and have safety for their small circles, they truly don't give a shit about politics. What's the US federal election turnouts again :) ?


Military first is the rule. I wonder if they managed to get the stolen money, meaning cash it out. They might have stolen $2B but that money or coins might still be off limits to NK.


The article talks about laundering, which is cashing it out.


How is NK connected to the Internet?


Quick google found:

Since 2010: North Korean ISP Star JV via China Unicom link.

Since 2017: TransTeleCom, or TTK, is one of Russia’s biggest telecommunications companies and a subsidiary of the Russian railway operator.

https://www.38north.org/2017/10/mwilliams100117/


Indeed, a ‘beautiful vision for his country’.


Three-letters have known this for years. I know of countless situations in which a company gets ransomware and the FBI has relayed that the attacker is known, it's classified as terrorism, but nothing will happen. They've all seen it happen to many more companies. Basically, our government hasn't stood up to the evil communist bully that is little rocket man. He has committed horrible human rights violations, has attacked our companies (which is typically an act of war), and our government has done nothing.


There is a difference between doing nothing and not telling mises from hackernews what they are doing.


Sounds about as reliable a news as the WMDs of yore...


Sounds considerably more reliable since it's not coming from a single state actor


Could you please be a bit more specific about what you are trying to say?


That there's all kinds of propaganda around any enemy du jour, and don't believe everything that you hear, even if it comes from "expert groups" and "independent journalists".

Let's see in a few years...



